The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws


Dafydd Stuttard - 2007
    The authors explain each category of vulnerability using real-world examples, screen shots and code extracts. The book is extremely practical in focus, and describes in detail the steps involved in detecting and exploiting each kind of security weakness found within a variety of applications such as online banking, e-commerce and other web applications. The topics covered include bypassing login mechanisms, injecting code, exploiting logic flaws and compromising other users. Because every web application is different, attacking them entails bringing to bear various general principles, techniques and experience in an imaginative way. The most successful hackers go beyond this, and find ways to automate their bespoke attacks. This handbook describes a proven methodology that combines the virtues of human intelligence and computerized brute force, often with devastating results. The authors are professional penetration testers who have been involved in web application security for nearly a decade. They have presented training courses at the Black Hat security conferences throughout the world. Under the alias "PortSwigger," Dafydd developed the popular Burp Suite of web application hack tools.

Scrum and XP from the Trenches


Henrik Kniberg - 2007
    Under the leadership of Henrik Kniberg they experimented with different team sizes, different sprint lengths, different ways of defining "done", different formats for product backlogs and sprint backlogs, different testing strategies, different ways of doing demos, different ways of synchronizing multiple Scrum teams, etc. They also experimented with XP practices - different ways of doing continuous build, pair programming, test driven development, etc, and how to combine this with Scrum.

Business @ the Speed of Thought: Succeeding in the Digital Economy


Bill Gates - 1999
    Gates stresses the need for managers to view technology not as overhead but as a strategic asset, and offers detailed examples from Microsoft, GM, Dell, and many other successful companies. Companion Web site.

HTML, XHTML, and CSS (Visual Quickstart Guide)


Elizabeth Castro - 2002
    In this completely updated edition of our best-selling guide to HTML, Web expert and best-selling author Elizabeth Castro uses crystal-clear instructions and friendly prose to introduce you to all of today's HTML and XHTML essentials. You'll learn how to design, structure, and format your Web site. You'll create and use images, links, styles, lists, tables, frames, and forms, and you'll add sound and movies to your site. Finally, you will test and debug your site, and publish it to the Web. Along the way, you'll find extensive coverage of CSS techniques, current browsers (Opera, Safari, Firefox), creating pages for the mobile Web, and more. Visual QuickStart Guide--the quick and easy way to learn! Easy visual approach uses pictures to guide you through HTML and show you what to do. Concise steps and explanations get you up and running in no time. Page for page, the best content and value around. Companion Web site at www.cookwood.com/html offers examples, a lively question-and-answer area, updates, and more. Need to learn HTML fast? This best-selling reference's visual format and step-by-step, task-based instructions will have you up and running with HTML in no time.

Web Database Applications with PHP and MySQL


Hugh E. Williams - 2002
    Anyone with a modest knowledge of HTML and web site management can learn to create dynamic content through the PHP programming language and the MySQL database. This book gives you the background and tools to do the job safely and reliably. Web Database Applications with PHP and MySQL, Second Edition thoroughly reflects the needs of real-world applications. It goes into detail on such practical issues as validating input (do you know what a proper credit card number looks like?), logging in users, and using templates to give your dynamic web pages a standard look. But this book goes even further. It shows how JavaScript and PHP can be used in tandem to make a user's experience faster and more pleasant. It shows the correct way to handle errors in user input so that a site looks professional. It introduces the vast collection of powerful tools available in the PEAR repository and shows how to use some of the most popular tools. Even while it serves as an introduction to new programmers, the book does not omit critical tasks that web sites require. For instance, every site that allows updates must handle the possibility of multiple users accessing data at the same time. This book explains how to solve the problem in detail with locking. Through a sophisticated sample application--Hugh and Dave's Wine Store--all the important techniques of dynamic content are introduced. Good design is emphasized, such as dividing logic from presentation. The book introduces PHP 5 and MySQL 4.1 features, while providing techniques that can be used on older versions of the software that are still in widespread use. This new edition has been redesigned around the rich offerings of PEAR. Several of these, including the Template package and the database-independent query API, are fully integrated into examples and thoroughly described in the text.
Topics include: Installation and configuration of Apache, MySQL, and PHP on Unix®, Windows®, and Mac OS® X systems; Introductions to PHP, SQL, and MySQL administration; Session management, including the use of a custom database for improved efficiency; User input validation, security, and authentication; The PEAR repository, plus details on the use of PEAR DB and Template classes; Production of PDF reports

Hadoop: The Definitive Guide


Tom White - 2009
    Ideal for processing large datasets, the Apache Hadoop framework is an open source implementation of the MapReduce algorithm on which Google built its empire. This comprehensive resource demonstrates how to use Hadoop to build reliable, scalable, distributed systems: programmers will find details for analyzing large datasets, and administrators will learn how to set up and run Hadoop clusters. Complete with case studies that illustrate how Hadoop solves specific problems, this book helps you: Use the Hadoop Distributed File System (HDFS) for storing large datasets, and run distributed computations over those datasets using MapReduce; Become familiar with Hadoop's data and I/O building blocks for compression, data integrity, serialization, and persistence; Discover common pitfalls and advanced features for writing real-world MapReduce programs; Design, build, and administer a dedicated Hadoop cluster, or run Hadoop in the cloud; Use Pig, a high-level query language for large-scale data processing; Take advantage of HBase, Hadoop's database for structured and semi-structured data; Learn ZooKeeper, a toolkit of coordination primitives for building distributed systems. If you have lots of data -- whether it's gigabytes or petabytes -- Hadoop is the perfect solution. Hadoop: The Definitive Guide is the most thorough book available on the subject. "Now you have the opportunity to learn about Hadoop from a master -- not only of the technology, but also of common sense and plain talk." -- Doug Cutting, Hadoop Founder, Yahoo!

HTML5 for Publishers


Sanders Kleinfeld - 2011
    Learn how to: Intersperse audio/video with textual content; Create a graphing calculator to display algebraic equations on the Canvas; Use geolocation to customize a work of fiction with details from the reader's locale; Use Canvas to add interactivity to a children's picture book

Version Control By Example


Eric Sink - 2011
    Topics covered include: Basic version control commands and concepts; Introduction to Distributed Version Control Systems (DVCS); Advanced branching workflows; Strengths and weaknesses of DVCS vs. centralized tools; Best practices; How distributed version control works under the hood. Featuring these open source version control tools: Apache Subversion, Mercurial, Git, Veracity

The Humane Interface: New Directions for Designing Interactive Systems


Jef Raskin - 2000
    The Humane Interface is a gourmet dish from a master chef. Five mice! --Jakob Nielsen, Nielsen Norman Group Author of Designing Web Usability: The Practice of Simplicity This unique guide to interactive system design reflects the experience and vision of Jef Raskin, the creator of the Apple Macintosh. Other books may show how to use today's widgets and interface ideas effectively. Raskin, however, demonstrates that many current interface paradigms are dead ends, and that to make computers significantly easier to use requires new approaches. He explains how to effect desperately needed changes, offering a wealth of innovative and specific interface ideas for software designers, developers, and product managers. The Apple Macintosh helped to introduce a previous revolution in computer interface design, drawing on the best available technology to establish many of the interface techniques and methods now universal in the computer industry. With this book, Raskin proves again both his farsightedness and his practicality. He also demonstrates how design ideas must be bui

Mining the Social Web: Analyzing Data from Facebook, Twitter, LinkedIn, and Other Social Media Sites


Matthew A. Russell - 2011
    You’ll learn how to combine social web data, analysis techniques, and visualization to find what you’ve been looking for in the social haystack—as well as useful information you didn’t know existed. Each standalone chapter introduces techniques for mining data in different areas of the social Web, including blogs and email. All you need to get started is a programming background and a willingness to learn basic Python tools. Get a straightforward synopsis of the social web landscape; Use adaptable scripts on GitHub to harvest data from social network APIs such as Twitter, Facebook, LinkedIn, and Google+; Learn how to employ easy-to-use Python tools to slice and dice the data you collect; Explore social connections in microformats with the XHTML Friends Network; Apply advanced mining techniques such as TF-IDF, cosine similarity, collocation analysis, document summarization, and clique detection; Build interactive visualizations with web technologies based upon HTML5 and JavaScript toolkits. "A rich, compact, useful, practical introduction to a galaxy of tools, techniques, and theories for exploring structured and unstructured data." --Alex Martelli, Senior Staff Engineer, Google

The Google Story: Inside the Hottest Business, Media and Technology Success of Our Time


David A. Vise - 2005
    The Google Story takes you deep inside the company's wild ride from an idea that struggled for funding in 1998 to a firm that rakes in billions in profits, making Brin and Page the wealthiest young men in America. Based on scrupulous research and extraordinary access to Google, this fast-moving narrative reveals how an unorthodox management style and culture of innovation enabled a search engine to shake up Madison Avenue and Wall Street, scoop up YouTube, and battle Microsoft at every turn. Not afraid of controversy, Google is expanding in Communist China and quietly working on a searchable genetic database, initiatives that test the founders' guiding mantra: DON'T BE EVIL.

Programming in Scala


Martin Odersky - 2008
     Coauthored by the designer of the Scala language, this authoritative book will teach you, one step at a time, the Scala language and the ideas behind it. The book is carefully crafted to help you learn. The first few chapters will give you enough of the basics that you can already start using Scala for simple tasks. The entire book is organized so that each new concept builds on concepts that came before - a series of steps that promises to help you master the Scala language and the important ideas about programming that Scala embodies. A comprehensive tutorial and reference for Scala, this book covers the entire language and important libraries.

Doing Data Science


Cathy O'Neil - 2013
    But how can you get started working in a wide-ranging, interdisciplinary field that’s so clouded in hype? This insightful book, based on Columbia University’s Introduction to Data Science class, tells you what you need to know. In many of these chapter-long lectures, data scientists from companies such as Google, Microsoft, and eBay share new algorithms, methods, and models by presenting case studies and the code they use. If you’re familiar with linear algebra, probability, and statistics, and have programming experience, this book is an ideal introduction to data science. Topics include: Statistical inference, exploratory data analysis, and the data science process; Algorithms; Spam filters, Naive Bayes, and data wrangling; Logistic regression; Financial modeling; Recommendation engines and causality; Data visualization; Social networks and data journalism; Data engineering, MapReduce, Pregel, and Hadoop. Doing Data Science is a collaboration between course instructor Rachel Schutt, Senior VP of Data Science at News Corp, and data science consultant Cathy O’Neil, a senior data scientist at Johnson Research Labs, who attended and blogged about the course.

Bulletproof Web Design: Improving Flexibility and Protecting Against Worst-Case Scenarios with XHTML and CSS


Dan Cederholm - 2005
    This work deconstructs a series of real-world Web sites. It provides 10 strategies for creating standards-based designs that provide user control - a component of every Web site.

Sketching User Experiences: Getting the Design Right and the Right Design


Bill Buxton - 2007
    So while the focus is on design, the approach is holistic. Hence, the book speaks to designers, usability specialists, the HCI community, product managers, and business executives. There is an emphasis on balancing the back-end concern with usability and engineering excellence (getting the design right) with an up-front investment in sketching and ideation (getting the right design). Overall, the objective is to build the notion of informed design: molding emerging technology into a form that serves our society and reflects its values. Grounded in both practice and scientific research, Bill Buxton's engaging work aims to spark the imagination while encouraging the use of new techniques, breathing new life into user experience design. Covers sketching and early prototyping design methods suitable for dynamic product capabilities: cell phones that communicate with each other and other embedded systems, "smart" appliances, and things you only imagine in your dreams; Thorough coverage of the design sketching method which helps easily build experience prototypes - without the effort of engineering prototypes which are difficult to abandon; Reaches out to a range of designers, including user interface designers, industrial designers, software engineers, usability engineers, product managers, and others; Full of case studies, examples, exercises, and projects, and access to video clips that demonstrate the principles and methods